package com.woniuxy.shirodemo;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.env.BasicIniEnvironment;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
import org.junit.jupiter.api.Test;
import org.springframework.boot.test.context.SpringBootTest;

@SpringBootTest
public class ShiroPerm {
    /**
     * 来进行权限判断
     */
    @Test
    public void authentication(){
        //1、首先要获取配置文件 来构建shiro的环境
        BasicIniEnvironment basicIniEnvironment = new BasicIniEnvironment("classpath:shiro-perm.ini");
        //2、通过环境来创建SecurityManage
        SecurityManager securityManager = basicIniEnvironment.getSecurityManager();
        //3、将SecurityManage，放入一个shiro的工具类中
        SecurityUtils.setSecurityManager(securityManager);


        //4.直接操作工具类 创建subject主体
        Subject subject = SecurityUtils.getSubject();

        UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken("mayun", "123456");
        //通过subject可以执行登录操作 登录后才能够进行权限判断
        subject.login(usernamePasswordToken);
        //来判断这个subject主体，是否能够认真成功
        System.out.println("是否能认证成功："+subject.isAuthenticated());
        System.out.println("当前登录的用户名是："+subject.getPrincipal());
//        这里开始进行权限判断
        System.out.println("判断当前登录的subject是否有role1的角色："+subject.hasRole("role3"));
        System.out.println("判断当前登录的subject是否有user:save的保存权限："+subject.isPermitted("user:save"));
        System.out.println("判断当前登录的subject是否有user:delete的权限："+subject.isPermitted("user.delete"));
    }
}
